Posted: 1 hour ago
By: Hiring Kenya
Company Details
Industry:
Banking
Description:
Absa Bank Limited (Absa) is a wholly owned subsidiary of Barclays Africa Group Limited. Absa offers personal and business banking, credit cards, corporate and investment banking, wealth and investment management as well as bancassurance. Barclays Africa Group Limited is 62.3% owned by Barclays Bank PLC and is listed on the JSE Limited. The Group is one of Africa’s major financial services providers offering personal and business banking, credit cards, corporate and investment banking, wealth and investment management as well as bancassurance. The Group was formed through combining Absa Group Limited and Barclays’ African operations on 31 July 2013. Reflecting the enlarged group’s pan-African focus, the Group's name changed from Absa Group Limited to Barclays Africa Group Limited on 2 August 2013. Registered head offices are in South Africa and the Group has majority stakes in banks in Botswana, Ghana, Kenya, Mauritius, Mozambique, Seychelles, South Africa, Tanzania (Barclays Bank Tanzania and National Bank of
Job Description
Job Summary
Senior Application Security Engineer with extensive penetration testing skills to lead advanced security assessments across web, mobile, APIs, cloud-native environments and AI-driven autonomous penetration testing platforms.
The ideal candidate combines deep technical expertise with architecture awareness and hands-on experience deploying and integrating security testing solutions.
Job Description
Advanced Penetration Testing
- Conduct manual and automated penetration testing across:
  - Web applications
  - APIs (REST, GraphQL, SOAP)
  - Mobile applications (iOS & Android)
  - Cloud-native workloads and containerized environments
  - Infrastructure
- Perform black-box and white-box testing
- Perform business logic testing
- Validate and exploit findings to demonstrate real business risk
- Conduct threat modeling and attack surface analysis
AI & Autonomous Pentesting
- Design, operate and optimize AI-driven autonomous pentesting platforms
- Tune LLM-based testing agents and attack orchestration workflows
- Validate AI-generated findings and reduce false positives
Reporting & Leadership
- Produce executive-level and technical reports
- Present findings to business, engineering and executive stakeholders
- Provide remediation guidance with practical implementation advice
- Mentor junior testers
- Contribute to internal security standards and processes
Required Skillsets
Technical Skills
- 5+ years of penetration testing experience
- Deep knowledge of:
  - OWASP Top 10 (Web, API)
  - Business logic exploitation
  - Authentication and session management flows
  - SSRF, RCE, injection flaws
- Experience with AI-assisted penetration testing tools
- Understanding of LLM-based attacks, prompt injection risks, AI model abuse vectors
Experience with tools such as:
- Burp Suite (advanced usage)
- Nmap
- Nessus
- Metasploit
- SAST/DAST tools
- Mobile testing tools (MobSF, Frida, Objection)
Certifications (Preferred)
- eJPT
- CEH
- OSCP
- AI security (Advantageous)
Soft Skills
- Excellent problem-solving and analytical skills
- Ability to translate technical risk into business impact
- Strong communication and collaboration abilities
- Ability to work independently as well as contribute effectively within a team
Education
Bachelor's Degrees and Advanced Diplomas: Physical, Mathematical, Computer and Life Sciences (Required)
Salary: Not specified
Other pay: Benefits
Education: Diploma
Employment Type: Full Time